SlideShare uma empresa Scribd logo

Docker for the Enterprise: A Complete Guide to Adopting Containers

Transferir como PPTX, PDF
Bert Poller
Bert Poller

A presentation about container technology for the enterprise held at Ekito's geek breakfast the 4th of November 2016.

Tecnologia
1 de 51
Docker for the Enterprise @bertpoller ekito
Your Enterprise
Today’s strategic challenges Business Agility, Increased pace of delivery, Customer satisfaction • Low MTBIAMSH (Mean Time Between Idea and making Stuff happen)
Today’s strategic challenges Multiplication of smaller bespoke applications • WOA, SOA, Micro Services • Multiplication of front ends • Products are SaaS newly instantiated for each new customer
Today’s strategic challenges Ever increasing volumes of data and processing • Limited data center capacity • Ops efforts scale at best linearly with increased volume • Push for cloud deployments: private + public
Obstacles to overcome WaterScrumFall • Dev teams adopt iterative methodologies • The organization as a whole cannot keep up with Dev Team pace • Symptoms • Delivery to production still takes weeks • Upfront IT resource provisioning at the beginning of a project • Ticket based IT services deemed too slow for Dev teams • Difficulties in maintaining IT services catalogues with ever changing demands http://bit.ly/waterscrumfall
Obstacles to overcome Unaligned objectives and incentives between Devs and Ops • Devs seek implementing new features and hence introduce change • Ops seek stability, robustness, availability of systems they manage
Obstacles to overcome Hybrid clouds are complex • Different operating models between public cloud providers and private clouds • No real private cloud infrastructure • A Virtualized server infrastructure is not a private cloud
Keys to solve these challenges Break up organizational silos • Think in terms of products not projects • Construct multidisciplinary teams around products • Make Devs and Ops cooperate in these teams • But also other business stake holders
Keys to solve these challenges Align Dev and Ops objectives; increase customer satisfaction • Error Budget = 100% Availability – Service Level Objective • Use budget for • Feature changes and functional regressions (Dev) • Service Reliability Engineering (Ops) • When the error budget is consumed • New features must wait until the budget is recharged • Only bug fixes go into production
Keys to solve these challenges Construct an agile self-service infrastructure platform
Docker to the rescue
The challenge Source : https://github.com/mfilotto/docker-presentation/
Containers… Source : https://github.com/mfilotto/docker-presentation/
A Container System for Code Source : https://github.com/mfilotto/docker-presentation/
But we’ve got virtualization already like in…VMWare
Virtualization vs. Containers Virtualization Containers Containers are isolated but share OS and bins/ libraries, where appropriate
Isolation using Linux Features namespaces • pid, • mnt, • net, • uts, • Ipc, • user cgroups • memory • cpu • blkio • devices
Docker appeals for its… • Deployment Speed / Agility – minimal requirements for running the application, enabling quick and lightweight deployment • Portability – Independent self-sufficient application bundles Run across machines without compatibility issues • Reuse – Versioning, archiving, sharing, roll backs to previous versions of an application. Platform configurations as code • Efficiency - compared to classical virtualization, workloads can be run at higher densities thanks to avoided OS overhead Source: https://www.upguard.com/articles/docker-vs.-vmware-how-do-they-stack-up
Trade off … Speed vs. Isolation • Shared kernel between containers • OS-based isolation vs. hardware-based isolation in classical virtualization • Detractors often use this as argument for saying : “Docker is not safe”
Docker is not safe - well, Really ? Are all your VMs 100% up to date? Really? • VMs present a larger attack surface than Linux containers • Contaminated containers can be quickly destroyed and restarted • Docker tools allow for end to end security policy enforcement – for all containers (layered build approach, build automation, security scanning, trusted registries, container scheduling)
Trade off… Ephemeral vs. Stateful workloads • Docker works best with stateless applications • Every application must eventually persist its state (Databases) • Additional efforts and planning is required when setting up a multi-node production level Docker cluster
Isn’t this a bit like Java EE or OSGI ?
Isn’t this a bit like Java EE or OSGI ? EARs, WARs, JARs package applications in deployment artifacts • Middleware centric – you need an application server • Limited to Java eco system • Programming language lock-in • Programming model lock-in (Java EE / OSGI) • Also applies to more recent packaging formats, such as WebPacks
Ok but I’m already using Heroku… • PaaS • Build packs : Java, Node, Ruby,… • Intuitive UI / UX … nice ! • Source code is held in the repository - no built artifact • Docker • Is a shipping format • Can be used with Docker tool chain to build a more generic PaaS / CaaS
XaaS – Pyramid Software as a Service Platform as a Service Infrastructure as a Service Container as a Service Too high Too low Product Teams IT Ops Team
Docker Mission
Image Layers
Service Composition
Docker Mission
Docker Trusted Registry
Example CI / CD pipeline
Circle CI
Security Governance Its like a virus scanner for built containers • Can be integrated in your CI/CD pipeline • Scans for threads in defined policy files and CVC databases • Docker Security Scanning • CoreOS Clair • OpenSCAP container compliance • Redhat Atomic Scan • …
Docker Mission
Running a CaaS infrastructure
Linux Container Ecosystem
Docker Cluster Orchestration
Services, Routing and Load Balancing S_1 S_2 LB Overlay network App Scale Docker Host Docker Host Docker Host Service The scalable service pattern
Services, Routing and Load Balancing The scalable service pattern • Services scale instances of a container across the cluster • Comprises a load balancer and an overlay network to connect containers • Allows things like rolling updates and rollbacks • Exists in many schedulers: Kubernetes, Mesos… • Was introduced in Docker V1.12 Swarm mode • Not compatible with Docker Compose • Requires new Distributed Application Bundle – still experimental
Services, Routing and Load Balancing • Workaround prior to Docker 1.12 compatible with Compose V2
Services, Routing and Load Balancing Domain based routing
Persistent workloads Backend Network App Docker Host Docker Host Docker Host DB Frontend Network Local storage local local local
Persistent workloads Backend Network App Docker Host Docker Host Docker Host DB Frontend Network DB ??? Local storage local local
Persistent workloads Backend Network App Docker Host Docker Host Docker Host DB Frontend Network DB Data Sync Volume plugin Volume plugin Volume plugin Volume plugin, distributed or externalized storage
Persistent workloads • Usage of volume plugins is encouraged • Decouples Product Teams from underlying storage solution • Connect to external block storage (SAN, NAS, Cloud Provider Block Storage) • Network based file systems between Docker Hosts • GlusterFS, Flocker, Infinit.sh, PortWorx, CEPH
PaaS style self service access • For Product Teams • Intuitive UI / UX experience • Role based access (RBAC) integration with Enterprise IAM • Groups, virtual environments • Integrates with private repositories, CI/CD • OpenShift, Rancher, Docker Datacenter…
Conclusion
Conclusion • Docker = Linux Containers + a Complete toolset • Large eco system (Kubernetes, MesoSphere, CoreOS, Rancher…) • Orchestration engine choice depends on your use cases • Limited risk on vendor lock-in: Docker Containers are de facto standard • Instead of growing your own cluster, see what the ecosystem can provide • Start small, grow steadily
Ils nous font confiance

Recomendados

Alibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker EnterpriseAlibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker EnterpriseJohn Willis
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source John Willis
 
Containers, microservices and serverless for realists
Containers, microservices and serverless for realistsContainers, microservices and serverless for realists
Containers, microservices and serverless for realistsKarthik Gaekwad
 
Cloud Native Patterns with Bluemix Developer Console
Cloud Native Patterns with Bluemix Developer ConsoleCloud Native Patterns with Bluemix Developer Console
Cloud Native Patterns with Bluemix Developer ConsoleMatthew Perrins
 
Containers and microservices for realists
Containers and microservices for realistsContainers and microservices for realists
Containers and microservices for realistsKarthik Gaekwad
 
Delivering Developer Tools at Scale
Delivering Developer Tools at ScaleDelivering Developer Tools at Scale
Delivering Developer Tools at ScaleOracle Developers
 
JavaOne Latin America - DevOps with Containers for Java
JavaOne Latin America - DevOps with Containers for JavaJavaOne Latin America - DevOps with Containers for Java
JavaOne Latin America - DevOps with Containers for JavaJelastic Multi-Cloud PaaS
 
Oracle Code Keynote with Thomas Kurian
Oracle Code Keynote with Thomas KurianOracle Code Keynote with Thomas Kurian
Oracle Code Keynote with Thomas KurianOracle Developers
 

Recomendados

Alibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker EnterpriseAlibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker EnterpriseJohn Willis
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source John Willis
 
Containers, microservices and serverless for realists
Containers, microservices and serverless for realistsContainers, microservices and serverless for realists
Containers, microservices and serverless for realistsKarthik Gaekwad
 
Cloud Native Patterns with Bluemix Developer Console
Cloud Native Patterns with Bluemix Developer ConsoleCloud Native Patterns with Bluemix Developer Console
Cloud Native Patterns with Bluemix Developer ConsoleMatthew Perrins
 
Containers and microservices for realists
Containers and microservices for realistsContainers and microservices for realists
Containers and microservices for realistsKarthik Gaekwad
 
Delivering Developer Tools at Scale
Delivering Developer Tools at ScaleDelivering Developer Tools at Scale
Delivering Developer Tools at ScaleOracle Developers
 
JavaOne Latin America - DevOps with Containers for Java
JavaOne Latin America - DevOps with Containers for JavaJavaOne Latin America - DevOps with Containers for Java
JavaOne Latin America - DevOps with Containers for JavaJelastic Multi-Cloud PaaS
 
Oracle Code Keynote with Thomas Kurian
Oracle Code Keynote with Thomas KurianOracle Code Keynote with Thomas Kurian
Oracle Code Keynote with Thomas KurianOracle Developers
 
Hypervisor "versus" Linux Containers with Docker !
Hypervisor "versus" Linux Containers with Docker !Hypervisor "versus" Linux Containers with Docker !
Hypervisor "versus" Linux Containers with Docker !Francisco Gonçalves
 
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17Mario-Leander Reimer
 
As a Service: Cloud Foundry on OpenStack - Lessons Learnt
As a Service: Cloud Foundry on OpenStack - Lessons LearntAs a Service: Cloud Foundry on OpenStack - Lessons Learnt
As a Service: Cloud Foundry on OpenStack - Lessons LearntAnimesh Singh
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1Docker, Inc.
 
Introduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application ArchitectureIntroduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application ArchitectureDavid Currie
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesAtlassian
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.
 
DockerPenang Meetup#1
DockerPenang Meetup#1DockerPenang Meetup#1
DockerPenang Meetup#1Sujay Pillai
 
Cloud Foundry Vancouver Meetup July 2016
Cloud Foundry Vancouver Meetup July 2016Cloud Foundry Vancouver Meetup July 2016
Cloud Foundry Vancouver Meetup July 2016Stuart Charlton
 
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...Lucas Jellema
 
introduction to micro services
introduction to micro servicesintroduction to micro services
introduction to micro servicesSpyros Lambrinidis
 
Platform Clouds, Containers, Immutable Infrastructure Oh My!
Platform Clouds, Containers, Immutable Infrastructure Oh My!Platform Clouds, Containers, Immutable Infrastructure Oh My!
Platform Clouds, Containers, Immutable Infrastructure Oh My!Stuart Charlton
 
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...Animesh Singh
 
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06Derek Ashmore
 
Docker Datacenter - CaaS
Docker Datacenter - CaaSDocker Datacenter - CaaS
Docker Datacenter - CaaSHarish Jayakumar
 
Webinar Docker Tri Series
Webinar Docker Tri SeriesWebinar Docker Tri Series
Webinar Docker Tri SeriesNewt Global Consulting LLC
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2Docker, Inc.
 
Cloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackCloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackAnimesh Singh
 
Jelastic - DevOps for Java with Docker Containers - Madrid 2015
Jelastic - DevOps for Java with Docker Containers - Madrid 2015Jelastic - DevOps for Java with Docker Containers - Madrid 2015
Jelastic - DevOps for Java with Docker Containers - Madrid 2015Jelastic Multi-Cloud PaaS
 
Cloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source TriumvirateCloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source TriumvirateAnimesh Singh
 
Addressing security concerns through BPM
Addressing security concerns through BPMAddressing security concerns through BPM
Addressing security concerns through BPMAlexander SAMARIN
 
Presentation websockets
Presentation websocketsPresentation websockets
Presentation websocketsBert Poller
 

Mais conteúdo relacionado

Mais procurados

Hypervisor "versus" Linux Containers with Docker !
Hypervisor "versus" Linux Containers with Docker !Hypervisor "versus" Linux Containers with Docker !
Hypervisor "versus" Linux Containers with Docker !Francisco Gonçalves
 
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17Mario-Leander Reimer
 
As a Service: Cloud Foundry on OpenStack - Lessons Learnt
As a Service: Cloud Foundry on OpenStack - Lessons LearntAs a Service: Cloud Foundry on OpenStack - Lessons Learnt
As a Service: Cloud Foundry on OpenStack - Lessons LearntAnimesh Singh
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1Docker, Inc.
 
Introduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application ArchitectureIntroduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application ArchitectureDavid Currie
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesAtlassian
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Docker, Inc.
 
DockerPenang Meetup#1
DockerPenang Meetup#1DockerPenang Meetup#1
DockerPenang Meetup#1Sujay Pillai
 
Cloud Foundry Vancouver Meetup July 2016
Cloud Foundry Vancouver Meetup July 2016Cloud Foundry Vancouver Meetup July 2016
Cloud Foundry Vancouver Meetup July 2016Stuart Charlton
 
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...Lucas Jellema
 
introduction to micro services
introduction to micro servicesintroduction to micro services
introduction to micro servicesSpyros Lambrinidis
 
Platform Clouds, Containers, Immutable Infrastructure Oh My!
Platform Clouds, Containers, Immutable Infrastructure Oh My!Platform Clouds, Containers, Immutable Infrastructure Oh My!
Platform Clouds, Containers, Immutable Infrastructure Oh My!Stuart Charlton
 
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...Animesh Singh
 
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06Derek Ashmore
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2Docker, Inc.
 
Cloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackCloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackAnimesh Singh
 
Jelastic - DevOps for Java with Docker Containers - Madrid 2015
Jelastic - DevOps for Java with Docker Containers - Madrid 2015Jelastic - DevOps for Java with Docker Containers - Madrid 2015
Jelastic - DevOps for Java with Docker Containers - Madrid 2015Jelastic Multi-Cloud PaaS
 
Cloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source TriumvirateCloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source TriumvirateAnimesh Singh
 

Mais procurados (20)

Hypervisor "versus" Linux Containers with Docker !
Hypervisor "versus" Linux Containers with Docker !Hypervisor "versus" Linux Containers with Docker !
Hypervisor "versus" Linux Containers with Docker !
 
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
A Hitchhiker’s Guide to the Cloud Native Stack. #CDS17
 
As a Service: Cloud Foundry on OpenStack - Lessons Learnt
As a Service: Cloud Foundry on OpenStack - Lessons LearntAs a Service: Cloud Foundry on OpenStack - Lessons Learnt
As a Service: Cloud Foundry on OpenStack - Lessons Learnt
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1
 
Introduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application ArchitectureIntroduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application Architecture
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick Stinemates
 
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...
 
DockerPenang Meetup#1
DockerPenang Meetup#1DockerPenang Meetup#1
DockerPenang Meetup#1
 
Cloud Foundry Vancouver Meetup July 2016
Cloud Foundry Vancouver Meetup July 2016Cloud Foundry Vancouver Meetup July 2016
Cloud Foundry Vancouver Meetup July 2016
 
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
Introduction into Docker Containers, the Oracle Platform and the Oracle (Nati...
 
introduction to micro services
introduction to micro servicesintroduction to micro services
introduction to micro services
 
Platform Clouds, Containers, Immutable Infrastructure Oh My!
Platform Clouds, Containers, Immutable Infrastructure Oh My!Platform Clouds, Containers, Immutable Infrastructure Oh My!
Platform Clouds, Containers, Immutable Infrastructure Oh My!
 
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
Introducing Cloud Native, Event Driven, Serverless, Micrsoservices Framework ...
 
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
 
Docker Datacenter - CaaS
Docker Datacenter - CaaSDocker Datacenter - CaaS
Docker Datacenter - CaaS
 
Webinar Docker Tri Series
Webinar Docker Tri SeriesWebinar Docker Tri Series
Webinar Docker Tri Series
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2
 
Cloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackCloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStack
 
Jelastic - DevOps for Java with Docker Containers - Madrid 2015
Jelastic - DevOps for Java with Docker Containers - Madrid 2015Jelastic - DevOps for Java with Docker Containers - Madrid 2015
Jelastic - DevOps for Java with Docker Containers - Madrid 2015
 
Cloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source TriumvirateCloud foundry Docker Openstack - Leading Open Source Triumvirate
Cloud foundry Docker Openstack - Leading Open Source Triumvirate
 

Destaque

Addressing security concerns through BPM
Addressing security concerns through BPMAddressing security concerns through BPM
Addressing security concerns through BPMAlexander SAMARIN
 
Presentation websockets
Presentation websocketsPresentation websockets
Presentation websocketsBert Poller
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015WaveMaker, Inc.
 
The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so... The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so...Adrien Blind
 
Docker Meetup Paris: enterprise Docker
Docker Meetup Paris: enterprise DockerDocker Meetup Paris: enterprise Docker
Docker Meetup Paris: enterprise DockerArnaud MAZIN
 
Better application architecture with #microservices and #BPM (as APaaS)
Better application architecture with #microservices and #BPM (as APaaS)Better application architecture with #microservices and #BPM (as APaaS)
Better application architecture with #microservices and #BPM (as APaaS)Alexander SAMARIN
 
Common Object Request Broker Architecture - CORBA
Common Object Request Broker Architecture - CORBACommon Object Request Broker Architecture - CORBA
Common Object Request Broker Architecture - CORBAPeter R. Egli
 
Corba concepts & corba architecture
Corba concepts & corba architectureCorba concepts & corba architecture
Corba concepts & corba architecturenupurmakhija1211
 
La mediación escolar_rosa_garcia_mendive
La mediación escolar_rosa_garcia_mendiveLa mediación escolar_rosa_garcia_mendive
La mediación escolar_rosa_garcia_mendiverosagarciamendive
 
Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker, Inc.
 

Destaque (11)

Addressing security concerns through BPM
Addressing security concerns through BPMAddressing security concerns through BPM
Addressing security concerns through BPM
 
Presentation websockets
Presentation websocketsPresentation websockets
Presentation websockets
 
Corba model ppt
Corba model pptCorba model ppt
Corba model ppt
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015
 
The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so... The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so...
 
Docker Meetup Paris: enterprise Docker
Docker Meetup Paris: enterprise DockerDocker Meetup Paris: enterprise Docker
Docker Meetup Paris: enterprise Docker
 
Better application architecture with #microservices and #BPM (as APaaS)
Better application architecture with #microservices and #BPM (as APaaS)Better application architecture with #microservices and #BPM (as APaaS)
Better application architecture with #microservices and #BPM (as APaaS)
 
Common Object Request Broker Architecture - CORBA
Common Object Request Broker Architecture - CORBACommon Object Request Broker Architecture - CORBA
Common Object Request Broker Architecture - CORBA
 
Corba concepts & corba architecture
Corba concepts & corba architectureCorba concepts & corba architecture
Corba concepts & corba architecture
 
La mediación escolar_rosa_garcia_mendive
La mediación escolar_rosa_garcia_mendiveLa mediación escolar_rosa_garcia_mendive
La mediación escolar_rosa_garcia_mendive
 
Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EE
 

Semelhante a Docker for the Enterprise: A Complete Guide to Adopting Containers

Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerWeb à Québec
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013dotCloud
 
Storage Integrations for Container Orchestrators
Storage Integrations for Container OrchestratorsStorage Integrations for Container Orchestrators
Storage Integrations for Container Orchestrators{code} by Dell EMC
 
Fuse integration-services
Fuse integration-servicesFuse integration-services
Fuse integration-servicesChristian Posta
 
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Dmitry Lazarenko
 
Intro to Docker October 2013
Intro to Docker October 2013Intro to Docker October 2013
Intro to Docker October 2013Docker, Inc.
 
A curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & KubernetesA curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & KuberneteszekeLabs Technologies
 
Cloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopCloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopManuel Garcia
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDr Ganesh Iyer
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...Sébastien Portebois
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetesDr Ganesh Iyer
 
Stay productive while slicing up the monolith
Stay productive while slicing up the monolith Stay productive while slicing up the monolith
Stay productive while slicing up the monolith Markus Eisele
 
Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes mattersPlatform9
 
Jelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic Multi-Cloud PaaS
 
Containers and Microservices for Realists
Containers and Microservices for RealistsContainers and Microservices for Realists
Containers and Microservices for RealistsOracle Developers
 

Semelhante a Docker for the Enterprise: A Complete Guide to Adopting Containers (20)

Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
 
Containers and Docker
Containers and DockerContainers and Docker
Containers and Docker
 
Webinar : Docker in Production
Webinar : Docker in ProductionWebinar : Docker in Production
Webinar : Docker in Production
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
 
Storage Integrations for Container Orchestrators
Storage Integrations for Container OrchestratorsStorage Integrations for Container Orchestrators
Storage Integrations for Container Orchestrators
 
Fuse integration-services
Fuse integration-servicesFuse integration-services
Fuse integration-services
 
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
 
Intro to Docker October 2013
Intro to Docker October 2013Intro to Docker October 2013
Intro to Docker October 2013
 
{code} and containers
{code} and containers{code} and containers
{code} and containers
 
A curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & KubernetesA curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & Kubernetes
 
Cloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopCloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment Workshop
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data Scientists
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetes
 
Stay productive while slicing up the monolith
Stay productive while slicing up the monolith Stay productive while slicing up the monolith
Stay productive while slicing up the monolith
 
Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes matters
 
Cloud patterns
Cloud patternsCloud patterns
Cloud patterns
 
Jelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service ProvidersJelastic - DevOps PaaS Business with Docker Support for Service Providers
Jelastic - DevOps PaaS Business with Docker Support for Service Providers
 
Containers and Microservices for Realists
Containers and Microservices for RealistsContainers and Microservices for Realists
Containers and Microservices for Realists
 
56k.cloud training
56k.cloud training56k.cloud training
56k.cloud training
 

Último

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Último (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 

Docker for the Enterprise: A Complete Guide to Adopting Containers

  • 1. Docker for the Enterprise @bertpoller ekito
  • 3. Today’s strategic challenges Business Agility, Increased pace of delivery, Customer satisfaction • Low MTBIAMSH (Mean Time Between Idea and making Stuff happen)
  • 4. Today’s strategic challenges Multiplication of smaller bespoke applications • WOA, SOA, Micro Services • Multiplication of front ends • Products are SaaS newly instantiated for each new customer
  • 5. Today’s strategic challenges Ever increasing volumes of data and processing • Limited data center capacity • Ops efforts scale at best linearly with increased volume • Push for cloud deployments: private + public
  • 6. Obstacles to overcome WaterScrumFall • Dev teams adopt iterative methodologies • The organization as a whole cannot keep up with Dev Team pace • Symptoms • Delivery to production still takes weeks • Upfront IT resource provisioning at the beginning of a project • Ticket based IT services deemed too slow for Dev teams • Difficulties in maintaining IT services catalogues with ever changing demands http://bit.ly/waterscrumfall
  • 7. Obstacles to overcome Unaligned objectives and incentives between Devs and Ops • Devs seek implementing new features and hence introduce change • Ops seek stability, robustness, availability of systems they manage
  • 8. Obstacles to overcome Hybrid clouds are complex • Different operating models between public cloud providers and private clouds • No real private cloud infrastructure • A Virtualized server infrastructure is not a private cloud
  • 9. Keys to solve these challenges Break up organizational silos • Think in terms of products not projects • Construct multidisciplinary teams around products • Make Devs and Ops cooperate in these teams • But also other business stake holders
  • 10. Keys to solve these challenges Align Dev and Ops objectives; increase customer satisfaction • Error Budget = 100% Availability – Service Level Objective • Use budget for • Feature changes and functional regressions (Dev) • Service Reliability Engineering (Ops) • When the error budget is consumed • New features must wait until the budget is recharged • Only bug fixes go into production
  • 11. Keys to solve these challenges Construct an agile self-service infrastructure platform
  • 12. Docker to the rescue
  • 13. The challenge Source : https://github.com/mfilotto/docker-presentation/
  • 15. A Container System for Code Source : https://github.com/mfilotto/docker-presentation/
  • 16. But we’ve got virtualization already like in…VMWare
  • 17. Virtualization vs. Containers Virtualization Containers Containers are isolated but share OS and bins/ libraries, where appropriate
  • 18. Isolation using Linux Features namespaces • pid, • mnt, • net, • uts, • Ipc, • user cgroups • memory • cpu • blkio • devices
  • 19. Docker appeals for its… • Deployment Speed / Agility – minimal requirements for running the application, enabling quick and lightweight deployment • Portability – Independent self-sufficient application bundles Run across machines without compatibility issues • Reuse – Versioning, archiving, sharing, roll backs to previous versions of an application. Platform configurations as code • Efficiency - compared to classical virtualization, workloads can be run at higher densities thanks to avoided OS overhead Source: https://www.upguard.com/articles/docker-vs.-vmware-how-do-they-stack-up
  • 20. Trade off … Speed vs. Isolation • Shared kernel between containers • OS-based isolation vs. hardware-based isolation in classical virtualization • Detractors often use this as argument for saying : “Docker is not safe”
  • 21. Docker is not safe - well, Really ? Are all your VMs 100% up to date? Really? • VMs present a larger attack surface than Linux containers • Contaminated containers can be quickly destroyed and restarted • Docker tools allow for end to end security policy enforcement – for all containers (layered build approach, build automation, security scanning, trusted registries, container scheduling)
  • 22. Trade off… Ephemeral vs. Stateful workloads • Docker works best with stateless applications • Every application must eventually persist its state (Databases) • Additional efforts and planning is required when setting up a multi-node production level Docker cluster
  • 23. Isn’t this a bit like Java EE or OSGI ?
  • 24. Isn’t this a bit like Java EE or OSGI ? EARs, WARs, JARs package applications in deployment artifacts • Middleware centric – you need an application server • Limited to Java eco system • Programming language lock-in • Programming model lock-in (Java EE / OSGI) • Also applies to more recent packaging formats, such as WebPacks
  • 25. Ok but I’m already using Heroku… • PaaS • Build packs : Java, Node, Ruby,… • Intuitive UI / UX … nice ! • Source code is held in the repository - no built artifact • Docker • Is a shipping format • Can be used with Docker tool chain to build a more generic PaaS / CaaS
  • 26. XaaS – Pyramid Software as a Service Platform as a Service Infrastructure as a Service Container as a Service Too high Too low Product Teams IT Ops Team
  • 32. Example CI / CD pipeline
  • 34. Security Governance Its like a virus scanner for built containers • Can be integrated in your CI/CD pipeline • Scans for threads in defined policy files and CVC databases • Docker Security Scanning • CoreOS Clair • OpenSCAP container compliance • Redhat Atomic Scan • …
  • 36. Running a CaaS infrastructure
  • 39. Services, Routing and Load Balancing S_1 S_2 LB Overlay network App Scale Docker Host Docker Host Docker Host Service The scalable service pattern
  • 40. Services, Routing and Load Balancing The scalable service pattern • Services scale instances of a container across the cluster • Comprises a load balancer and an overlay network to connect containers • Allows things like rolling updates and rollbacks • Exists in many schedulers: Kubernetes, Mesos… • Was introduced in Docker V1.12 Swarm mode • Not compatible with Docker Compose • Requires new Distributed Application Bundle – still experimental
  • 41. Services, Routing and Load Balancing • Workaround prior to Docker 1.12 compatible with Compose V2
  • 42. Services, Routing and Load Balancing Domain based routing
  • 43. Persistent workloads Backend Network App Docker Host Docker Host Docker Host DB Frontend Network Local storage local local local
  • 44. Persistent workloads Backend Network App Docker Host Docker Host Docker Host DB Frontend Network DB ??? Local storage local local
  • 45. Persistent workloads Backend Network App Docker Host Docker Host Docker Host DB Frontend Network DB Data Sync Volume plugin Volume plugin Volume plugin Volume plugin, distributed or externalized storage
  • 46. Persistent workloads • Usage of volume plugins is encouraged • Decouples Product Teams from underlying storage solution • Connect to external block storage (SAN, NAS, Cloud Provider Block Storage) • Network based file systems between Docker Hosts • GlusterFS, Flocker, Infinit.sh, PortWorx, CEPH
  • 47. PaaS style self service access • For Product Teams • Intuitive UI / UX experience • Role based access (RBAC) integration with Enterprise IAM • Groups, virtual environments • Integrates with private repositories, CI/CD • OpenShift, Rancher, Docker Datacenter…
  • 49. Conclusion • Docker = Linux Containers + a Complete toolset • Large eco system (Kubernetes, MesoSphere, CoreOS, Rancher…) • Orchestration engine choice depends on your use cases • Limited risk on vendor lock-in: Docker Containers are de facto standard • Instead of growing your own cluster, see what the ecosystem can provide • Start small, grow steadily
  • 50.
  • 51. Ils nous font confiance